package cn.li.security.sms;


import org.springframework.security.authentication.AuthenticationServiceException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
import org.springframework.util.Assert;
import org.springframework.util.StringUtils;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;


public class SmsAuthenticationFormFilter extends AbstractAuthenticationProcessingFilter {
    /**
     * form表单中手机号码的字段name
     */
    public static final String SPRING_SECURITY_FORM_MOBILE_KEY = "mobile";
    public static final String SPRING_SECURITY_FORM_VERIFY_CODE_KEY = "verifyCode";

    private String mobileParameter = SPRING_SECURITY_FORM_MOBILE_KEY;
    private String verifyCodeParameter = SPRING_SECURITY_FORM_VERIFY_CODE_KEY;
    /**
     * 是否仅 POST 方式
     */
    private boolean postOnly = true;

    public SmsAuthenticationFormFilter() {
        super(new AntPathRequestMatcher("/login/sms", "POST"));
    }


    /**
     * 登录请求
     * @param antPathPattern
     */
    public SmsAuthenticationFormFilter(String antPathPattern) {
        // 短信登录的请求 post 方式的 /sms/login
        super(new AntPathRequestMatcher(antPathPattern, "POST"));
    }

    @Override
    public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response) throws AuthenticationException {
        if (postOnly && !request.getMethod().equals("POST")) {
            throw new AuthenticationServiceException(
                    "Authentication method not supported: " + request.getMethod());
        }
        String mobile = obtainParameter(request , this.mobileParameter);
        if(StringUtils.isEmpty(mobile)){
            throw new AuthenticationServiceException(
                    "please input param：" + this.mobileParameter);
        }
        String verifyCode = obtainParameter(request , this.verifyCodeParameter);
        if(StringUtils.isEmpty(verifyCode)){
            throw new AuthenticationServiceException(
                    "please input param：" + this.verifyCodeParameter);
        }
        UsernamePasswordAuthenticationToken authRequest = new UsernamePasswordAuthenticationToken(mobile , verifyCode);
        setDetails(request, authRequest);
        return this.getAuthenticationManager().authenticate(authRequest);
    }


    /**
     * 子类可以重写改类，用于获得对应的参数
     * @param request
     * @param paramName
     * @return
     */
    protected String obtainParameter(HttpServletRequest request , String paramName) {
        String parameter =  request.getParameter(paramName);
        if (parameter == null) {
            parameter = "";
        }
        return  parameter.trim();
    }

    protected void setDetails(HttpServletRequest request, UsernamePasswordAuthenticationToken authRequest) {
        authRequest.setDetails(authenticationDetailsSource.buildDetails(request));
    }

    public String getMobileParameter() {
        return mobileParameter;
    }

    /**
     * 配置手机号码参数名称
     * @param mobileParameter
     */
    public void setMobileParameter(String mobileParameter) {
        Assert.hasText(mobileParameter, "Mobile parameter must not be empty or null");
        this.mobileParameter = mobileParameter;
    }

    /**
     * 配置验证码参数
     * @param verifyCodeParameter
     */
    public void setVerifyCodeParameter(String verifyCodeParameter) {
        Assert.hasText(verifyCodeParameter, "verifyCodeParameter must not be empty or null");
        this.verifyCodeParameter = verifyCodeParameter;
    }

    public void setPostOnly(boolean postOnly) {
        this.postOnly = postOnly;
    }
}